<?php include('functions.php');
$file = basename($_GET['dir']); // get just the file name
$dir = $_GET['dir']; // lets find the file we are talking about
$real_dir_full = realpath("$dir"); // returns the proper dir()
$real_dir = dirname("$real_dir_full");
if($edit != true && $_SESSION["power"] != 'Administrator') {
echo '<script type="text/javascript">top.window.close()</script>';
exit;
}
if(!isset($_SESSION["pass"]) || !isset($_SESSION["user"])) {
log_write('admin', 'an unauthorised agent has attempted to access the edit page', 'Hack Attempt');
echo '<script type="text/javascript">top.window.close()</script>';
exit;
}
if ($_SESSION["pass"] != check($_SESSION["user"])) {
echo '<script type="text/javascript">top.window.close()</script>';
exit;
}
$tpe = strrchr($file,'.');
$type = str_replace('.','',$tpe); if($type == 'htm') $type = 'html';
$tyarr = array('c','cpp','css','html','js','pas','php','python','ruby','sql','vb','xml');
foreach($tyarr as $typ) {
if($type == $typ) { $keep = true; }
} unset($typ);
if(!isset($keep)) { $type = 'basic'; }
?><html>
<head>
<title>oPanel V<?php echo $ver; ?></title>
<link rel="stylesheet"href="style.css">
<!-- <style>textarea {margin-top:13px;_margin-top:14px;background:white;font-family:monospace;font-size:13px;margin-left:32px;white-space:pre;background-image:url("images/line-numbers.png");background-repeat:repeat-y;background-position:0 3px;line-height:16px;}
html>textarea{background-position:0 2px;}
textarea {background-image:url("images/line-numbers.png");margin-left:32px;} </style> -->
<link rel="shortcut icon" href="favicon.ico" />
<script language="javascript" type="text/javascript" src="includes/edit_area/edit_area_full.js"></script>
<script language="javascript" type="text/javascript">
editAreaLoader.init({
	id : "edit"		// textarea id
	,syntax: "<?=$type?>"			// syntax to be uses for highgliting
	,start_highlight: true		// to display with highlight mode on start-up
	,allow_toggle: false
});
</script>

<?php if(isset($_GET['wysiwyg']) && $_GET['wysiwyg'] == true) {
echo <<<LOL
<script type="text/javascript" src="wysiwyg/tiny_mce_gzip.js"></script>
<script type="text/javascript">
tinyMCE_GZ.init({
	plugins : 'safari,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,'+
	'print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template',
	themes : 'simple,advanced',
	languages : 'en',
	disk_cache : true,
	debug : false
});
</script>
<!-- Needs to be seperate script tags! -->
<script type="text/javascript">
	tinyMCE.init({
		// General options
		mode : "textareas",
		theme : "advanced",
		plugins : "safari,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template",
		// Theme options
		theme_advanced_buttons1 : "save,newdocument,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,|,styleselect,formatselect,fontselect,fontsizeselect",
		theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,search,replace,|,bullist,numlist,|,outdent,indent,blockquote,|,undo,redo,|,link,unlink,anchor,image,cleanup,code,|,insertdate,inserttime,preview,|,forecolor,backcolor",
		theme_advanced_buttons3 : "tablecontrols,|,hr,removeformat,visualaid,|,sub,sup,|,charmap,emotions,iespell,media,advhr,|,print,|,ltr,rtl,|,fullscreen",
		theme_advanced_buttons4 : "insertlayer,moveforward,movebackward,absolute,|,styleprops,|,cite,abbr,acronym,del,ins,attribs,|,visualchars,nonbreaking,pagebreak",
		theme_advanced_toolbar_location : "top",
		theme_advanced_toolbar_align : "left",
		theme_advanced_statusbar_location : "bottom",
		theme_advanced_resizing : true,


	});
</script>

LOL;
}
echo '</head><body>';
if (!isset($file)) {
echo '<center><font class="bigred"><marquee>NO PAGE WAS SET TO EDIT</marquee></font></center>';
} elseif ($file == ""){
echo '<center><font class="bigred"><marquee>NO PAGE WAS SET TO EDIT</marquee></font></center>';
} elseif (!file_exists($real_dir_full)) {
echo '<center><font class="bigred"><marquee>THE FILE YOU SELECTED DOES NOT EXIST!</marquee></font></center>';
} elseif(!is_writable($real_dir_full) && $debug != true) {
echo '<center><font class="bigred"><marquee>THE FILE YOU SELECTED IS NOT WRITABLE!</marquee></font></center>';
} else {
if($_SESSION["power"] != 'Administrator') { $debug == false; }
if ($debug != true) {
$config_test = realpath("./config.php");
$oPanel_dir = dirname("$config_test");
if ($real_dir == $oPanel_dir) {
echo '<center><font class="bigred"><marquee>You can\'t edit oPanel Files!</marquee></font></center>';

exit;
}
}
// Get a file into an array.  In this example we'll go through HTTP to get
// the HTML source of a URL.
$lines = file("$real_dir_full");

echo"<CENTER><font class=med><b>Editing $real_dir_full...</b><hr />"; ?>
<form method="POST" name="editform" action="save.php">
<p><textarea id="edit" wrap="virtual" rows="40" name="content" cols="80">
<?php
// Loop through our array, show full source as HTML/PHP source.
foreach ($lines as $line_num => $line) {
   echo "" . htmlspecialchars($line) . "";
}
?>
</textarea></p>
<input type="hidden" value="<? echo $real_dir; ?>" name="dir">
Save file as: <input type="text" value="<? echo "$file"; ?>" name="filename">
<br><input type="submit" value="Save"></CENTER>
<?php
}
?>
<div style="position: absolute; width: 264px; height: 17px; z-index: 1; vertical-align: baseline; left:10px" id="credits">
oPanel V<?php echo $ver; ?> by <a href="http://olliespage.net/" target ="_blank">OlliesPage.net</a></div>
<div style="position: absolute; width: 500px; height: 17px; z-index: 1; vertical-align: baseline; right: 19px; text-align: right" id="BetaTesters">
BETA testers: <?php echo $BETAtesters; ?></div></font></body></html>